cau hinh isa mo hinh 3leg- dmz
DESCRIPTION
ISATRANSCRIPT
-
PUBLIC SERVER TRONG VNG DMZ QUA ISA 2006
M hnh mng gm 3 my tnh nh sau :
- 1 my server DC, DNS vi 3 card mng - 1 my webserver, Mail server nm trong vng DMZ - 1 my lm firewall ci ISA 2006
Cc my cu hnh a ch IP nh sau:
-
- My lm Webserver, Mail Server:
- My ISA
Card Lan:
-
Card Internet:
-
Card DMZ:
-
My Domain Controller:
-
- Tin hnh nng cp Domain Controller ln Domain abc.com - Join my ISA vo domain
Ci t ISA trn my Isa, sau khi ci t xong, vo Configuration -> Network, chn template 3 leg Perimeter
-
Xut hin bng sau, click Next:
-
Chn Add Adapter, chn card DMZ
-
Nhn Finish kt thc.
-
Tip theo chng ta chuyn qua tab Network Rule
Chn Perimeter Configuration Properties
-
Chn qua Tab Network Relationship, chuyn sang ch Route
-
Apply ri OK Tip theo chng ta chn Permeter Access Properties
-
Chn qua tab Network Relationship
-
Chuyn sang ch Network Address Translation (NAT)
-
Apply OK Tip theo cn to mt rule cho mng Internal v DMZ c th lin lc c vi nhau
-
Sau khi to xong rule ny th t my DMZ chng ta ping th n my Domain Controller c kt qu nh sau:
Vy l thng ng ti my DC, tip theo chng ta s tin hnh join my DMZ
-
Sau khi join domain thnh cng khi ng li my tnh Tip theo trn my DMZ chng ta to 1 webserver v File server
-
Trong C to th mc web, sau to mt trang web vi ni dung nh sau :
-
M IIS ln, Click phi vo Web Sites chn New => Web site
-
V li my DC, trn DC chng ta to ln lt cc host name nh hnh di
Th truy cp web trn c 3 my . M IE ln g www.abc.com
-
Ci t NO-IP Vn tip theo l ci DUC ln my ISA server ci ny dng cp nht a ch mt ngai ca Route. Vo trang www.no-ip.com ti DUCsetup.exe v ci
-
Nhp Double vo ducsetup.exe
-
n y bn nhp E-mail Address/Password ng k trn trang No-ip.com Ok
Mn hnh NO-IP DUC v2.2.1 hin ra nh bn trn c 1 host free do ti ng k trn ti khan No-IP ca ti, ci ny dng cp nht a ch mt ngai ca Route nhng khi s dng th ta s g, v d: http://tranuy.no-ip.biz
-
- Cu hnh Public Webserver
-
Chn New to Web Listener
-
Chn Listener trn card External
-
Chn No Authentication
-
Tip theo vo modem nat port 80 v 53 na. Th l xong, by gi chng ta kim tra li xem th no !!! Qua 1 line internet khc check nh !
Chc cc bn thnh cng !
NGUYN HONG V